editor's blog
Subscribe Now

Intentionally Fuzzy

All software has bugs; every system has some kind of vulnerability. And the canonical way of dealing with them is to fix the bugs or tighten the code to eliminate system weaknesses. And then we patch our systems, as anyone who has been late to the airport and has shut down their computer in a last-ditch effort to get out the door, only to have the computer say, “Updating 1 of 32… Please do not power down or unplug your computer,” can attest. (Because, when Windows decides it’s time to update, well, there’s not much in this universe that can out-prioritize that.)

Editorials aside, each of those patches required someone to find a problem, then figure out how to fix the problem, then actually fix it, and, finally, test to prove that the fix doesn’t do some other harm. And that all takes time. If the vulnerability is severe, then ne’er-do-wells could be out busily enjoying unfettered access to somewhere they’re not supposed to be while the hole is being plugged.

So, when it comes to security for important infrastructure like utilities and other industrial sites, you can’t wait for the fix. In fact, a fix might not even be forthcoming. Instead, you figure out what malevolent traffic might look like, and you block it. You’re not fixing the broken lock on the door to keep the burglar out; you’re simply putting a dog in front of the door to filter out the burglars.

This is the situation described to me by Wurldtech’s Greg Speakman and Nate Kube shortly after they announced that Siemens’s CERT lab had been certified on Wurldtech’s Achilles certification testing. Achilles is a test facility that includes “fuzzers” – tests that present equipment with traffic that is almost correct, but is mutated here or there. The idea is to see if such “nearly good” traffic can get in and cause an observable change in behavior (which might be benign or might have no deleterious effect unless sustained over time) or, worse yet, cause a system failure. They automatically create tests based on protocol standards and run those against their clients’ systems.

When issues are found, the signatures of the offending traffic enter their database and are used to strengthen the traffic filters. They claim to have found over 350 “0-days” for their clients. The oddly-named “0-day” refers to any vulnerability found by outsiders before the equipment company itself knows about it – they’ve had 0 days to respond to it.

That characterization makes sense for systems already out on the market, but apparently it still applies if a company contracts someone like Wurldtech to help with system validation before shipping the systems. The fact that the issue was found outside the company – even if at the company’s request, before any systems are shipped into the field – seems to qualify it as a 0-day (even though, if the equipment maker bought out the certification house or did similar testing in-house, then the same discovery would no longer be a 0-day).

You can find more on the recent Siemens certification in their release.

Leave a Reply

featured blogs
Jul 25, 2021
https://youtu.be/cwT7KL4iShY Made on "a tropical beach" Monday: Aerospace and Defense Systems Day...and DAU Tuesday: 75 Years of the Microprocessor Wednesday: CadenceLIVE Cloud Panel... [[ Click on the title to access the full blog on the Cadence Community site. ]]...
Jul 24, 2021
Many modern humans have 2% Neanderthal DNA in our genomes. The combination of these DNA snippets is like having the ghost of a Neanderthal in our midst....
Jul 23, 2021
Synopsys co-CEO Aart de Geus explains how AI has become an important chip design tool as semiconductor companies continue to innovate in the SysMoore Era. The post Entering the SysMoore Era: Synopsys Co-CEO Aart de Geus on the Need for AI-Designed Chips appeared first on Fro...
Jul 9, 2021
Do you have questions about using the Linux OS with FPGAs? Intel is holding another 'Ask an Expert' session and the topic is 'Using Linux with Intel® SoC FPGAs.' Come and ask our experts about the various Linux OS options available to use with the integrated Arm Cortex proc...

featured video

Adopt a Shift-left Methodology to Accelerate Your Product Development Process

Sponsored by Cadence Design Systems

Validate your most sophisticated SoC designs before silicon and stay on schedule. Balance your workload between simulation, emulation and prototyping for complete system validation. You need the right tool for the right job. Emulation meets prototyping -- Cadence Palladium and Protium Dynamic Duo for IP/SoC verification, hardware and software regressions, and early software development.

More information about Emulation and Prototyping

featured paper

Long-term consistent performance matters for humidity sensing applications

Sponsored by Texas Instruments

The exposed polymer of humidity sensors can be impacted by the environment, leading to drift over time. This article from Texas Instruments discusses the accuracy and long-term drift of humidity sensors and how these parameters affect system performance and lifetime.

Click to read more

featured chalk talk

Using the Graphical PMSM FOC Component in Harmony3

Sponsored by Mouser Electronics and Microchip

Developing embedded software, and particularly configuring your embedded system can be a major pain for development engineers. Getting all the drivers, middleware, and libraries you need set up and in the right place and working is a constant source of frustration. In this episode of Chak Talk, Amelia Dalton chats with Brett Novak of Microchip about Microchip’s MPLAB Harmony 3, with the MPLAB Harmony Configurator - an embedded development framework with a drag-and-drop GUI that makes configuration a snap.

Click here for more information about Microchip Technology MPLAB® X Integrated Development Environment (IDE)